HOWTO POST SPECIAL TYPE

How to enable sending scheduled email from OpenVAS on Kali ?

On default install of OpenVAS on Kali, email from scheduled tasks does not get sent. Here is the process of 2 steps on how to fix that.

There are 2 issues required to be solved with OpenVAS + Kali:

Versions:

root@kali:~# uname -a Linux kali 4.13.0-kali1-amd64 #1 SMP Debian 4.13.10-1kali1 (2017-11-03) x86_64 GNU/Linux

root@kali:~# apt show openvas* | egrep "Package|Version" WARNING: apt does not have a stable CLI interface. Use with caution in scripts. Package: openvas Version: 9~kali3 APT-Sources: http://http.kali.org/kali kali-rolling/main amd64 Packages Package: openvas-manager Version: 7.0.2-1 APT-Sources: http://http.kali.org/kali kali-rolling/main amd64 Packages Package: openvas-scanner Version: 5.1.1-2kali1 APT-Sources: http://http.kali.org/kali kali-rolling/main amd64 Packages Package: openvas-cli Version: 1.4.5-1+b1 APT-Sources: http://http.kali.org/kali kali-rolling/main amd64 Packages Package: openvas-manager-common Version: 7.0.2-1 APT-Sources: http://http.kali.org/kali kali-rolling/main amd64 Packages Package: openvas-nasl Version: 9.0.1-4 APT-Sources: http://http.kali.org/kali kali-rolling/main amd64 Packages Package: openvas-scanner-dbgsym Version: 5.1.1-2kali1 Auto-Built-Package: debug-symbols APT-Sources: http://http.kali.org/kali kali-rolling/main amd64 Packages Package: openvas-administrator Package: openvas-plugins Package: openvas-server Package: openvas-client


1) ISSUE 1 - unable to send email from kali

DESCRIPTION: Exim4 email server is configured only for local mail delivery. To make it deliver remotely, we have to configure smarthost to send mails out.

For smarthost, I used SMTP server that answers on port 587. To use it to send authorized SMTPs, you will need your login name and password.

To monitor sending email, we will look file /var/log/exim4/mainlog:

tail -f /var/log/exim4/mainlog

PROCES SHORT DESCRIPTION: (longer example below)

To reconfigure exim4 MTA, we will do next steps:

  1. Run exim4 configuration script:

dpkg-reconfigure exim4-config

 - Select 'mail sent by smarthost; no local mail' (in the middle of menu).
 - system mail name: openvas
 - IP-addresses to listen on for incoming SMTP connections: 127.0.0.1 ; ::1
 - Other destinations for which mail is accepted: localhost.loaldomain
 - Visible domain name for local users: from.openvas.server.nedzadhrnjica.com
 - IP address or host name of the outgoing smarthost: mailserver.nedzadhrnjica.com::587
 - Keep number of DNS-queries minimal (Dial-on-Demand): No
 - Split configuration into small files? No

# to save/reconfigure exim with data we entered, start: update-exim4.conf

  1. Edit file to configure your outgoing SMTP username:password

    vi passwd.client

.............................................................................

``` root@kali:/etc/exim4# date Sri Nov 15 23:21:29 EST 2017

root@kali:/etc/exim4# echo "test1" | mail -s "test1 subject" nhrnjica@gmail.com

root@kali:/etc/exim4# tail /var/log/exim4/mainlog 2017-11-15 23:21:39 1eFBgJ-0006B1-IF <= root@kali U=root P=local S=339 2017-11-15 23:21:39 1eFBgJ-0006B1-IF nhrnjica@gmail.com R=nonlocal: Mailing to remote domains not supported 2017-11-15 23:21:39 1eFBgJ-0006B3-Jh <= <> R=1eFBgJ-0006B1-IF U=Debian-exim P=local S=1492 2017-11-15 23:21:39 1eFBgJ-0006B1-IF Completed 2017-11-15 23:21:39 1eFBgJ-0006B3-Jh nedzad@nedzadhrnjica.com <root@kali> R=nonlocal: Mailing to remote domains not supported 2017-11-15 23:21:39 1eFBgJ-0006B3-Jh Frozen (delivery error message)

root@kali:/etc/exim4# cd /etc/exim4

root@kali:/etc/exim4# ls -l total 92 drwxr-xr-x 9 root root 4096 Nov 7 14:43 conf.d -rw-r--r-- 1 root root 78843 Mar 9 2017 exim4.conf.template -rw-r--r-- 1 root root 204 Nov 15 23:21 passwd.client -rw-r--r-- 1 root root 1043 Nov 15 23:15 update-exim4.conf.conf

root@kali:/etc/exim4# cat passwd.client

password file used when the local exim is authenticating to a remote

host as a client.

#

see exim4_passwd_client(5) for more documentation

#

Example:

target.mail.server.example:login:password

root@kali:/etc/exim4# echo 'mailserver.nedzadhrnjica.com:mail@nedzadhrnjica.com:SomePassword5231#!' >> passwd.client

root@kali:/etc/exim4# cat passwd.client

password file used when the local exim is authenticating to a remote

host as a client.

#

see exim4_passwd_client(5) for more documentation

#

Example:

target.mail.server.example:login:password

mailserver.nedzadhrnjica.com:mail@nedzadhrnjica.com:SomePassword5231#!

root@kali:/etc/exim4# cat update-exim4.conf.conf

/etc/exim4/update-exim4.conf.conf

#

Edit this file and /etc/mailname by hand and execute update-exim4.conf

yourself or use 'dpkg-reconfigure exim4-config'

#

Please note that this is not a dpkg-conffile and that automatic changes

to this file might happen. The code handling this will honor your local

changes, so this is usually fine, but will break local schemes that mess

around with multiple versions of the file.

#

update-exim4.conf uses this file to determine variable values to generate

exim configuration macros for the configuration file.

#

Most settings found in here do have corresponding questions in the

Debconf configuration, but not all of them.

#

This is a Debian specific file

dc_eximconfig_configtype='local' dc_other_hostnames='localhost.localdomain' dc_local_interfaces='127.0.0.1 ; ::1' dc_readhost='' dc_relay_domains='' dc_minimaldns='false' dc_relay_nets='' dc_smarthost='' CFILEMODE='644' dc_use_split_config='false' dc_hide_mailname='' dc_mailname_in_oh='true' dc_localdelivery='mail_spool'

root@kali:/etc/exim4# dpkg-reconfigure exim4-config

root@kali:/etc/exim4#cat update-exim4.conf.confg

/etc/exim4/update-exim4.conf.conf

#

Edit this file and /etc/mailname by hand and execute update-exim4.conf

yourself or use 'dpkg-reconfigure exim4-config'

#

Please note that this is not a dpkg-conffile and that automatic changes

to this file might happen. The code handling this will honor your local

changes, so this is usually fine, but will break local schemes that mess

around with multiple versions of the file.

#

update-exim4.conf uses this file to determine variable values to generate

exim configuration macros for the configuration file.

#

Most settings found in here do have corresponding questions in the

Debconf configuration, but not all of them.

#

This is a Debian specific file

dc_eximconfig_configtype='satellite' dc_other_hostnames='localhost.localdomain' dc_local_interfaces='127.0.0.1 ; ::1' dc_readhost='from.openvas.server.nedzadhrnjica.com' dc_relay_domains='' dc_minimaldns='false' dc_relay_nets='' dc_smarthost='mailserver.nedzadhrnjica.com::587' CFILEMODE='644' dc_use_split_config='false' dc_hide_mailname='true' dc_mailname_in_oh='true' dc_localdelivery='mail_spool'

root@kali:/etc/exim4# echo "test2" | mail -s "test2 subject" nhrnjica@gmail.com

root@kali:/etc/exim4# tail /var/log/exim4/mainlog 2017-11-15 23:23:53 1eFB45-0005C1-1B Message is frozen 2017-11-15 23:23:53 1eFBbV-00060t-P5 Message is frozen 2017-11-15 23:23:53 1eFB2L-0005AY-K1 Message is frozen 2017-11-15 23:23:53 1eFB2L-0005Ah-UI Message is frozen 2017-11-15 23:23:53 1eFB2M-0005Aw-AK Message is frozen 2017-11-15 23:23:53 1eFB2M-0005At-80 Message is frozen 2017-11-15 23:23:53 End queue run: pid=24477 2017-11-15 23:24:28 1eFBj2-0006NH-Ju <= root@kali U=root P=local S=339 2017-11-15 23:24:35 1eFBj2-0006NH-Ju => nhrnjica@gmail.com R=smarthost T=remote_smtp_smarthost H=mailserver.nedzadhrnjica.com [107.170.103.28] X=TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256 CV=no DN="C=XY,ST=unknown,L=unknown,O=QSMTPD,OU=Server,CN=mailserver.nedzadhrnjica.com,EMAIL=postmaster@mailserver.nedzadhrnjica.com" A=cram_md5 C="250 Queued! 1510806275 qp 25674 <E1eFBj2-0006NH-Ju@kali>" 2017-11-15 23:24:35 1eFBj2-0006NH-Ju Completed

root@kali:/etc/exim4# ```



2) ISSUE with scheuled tasks:

``` cd /var/lib/openvas/CA/ mkdir old/ cp * old/ cp clientsert.pem servercert.pem

cd /var/lib/openvas/private/CA/ mkdir old/ cp * old/ cp clientkey.pem serverkey.pem ```


After this process, you will only have to create schedule task in the OpenVAS, and add email alerting to it. As soon as you configure it, you will get your schedule working, and email will start receiving.

Regards, Nedzad